<?php
declare(strict_types = 1);
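error_reporting(E_ALL);
// NOTE(review): display_errors=1 sends warnings, file paths and SQL error text to
// the browser. Keep it for local debugging only; on a reachable host turn it off
// and rely on the server error log instead.
ini_set('display_errors', '1');
$curYear = date('Y');
session_start();
// Read the login name with ?? so an anonymous visitor does not trigger an
// "undefined array key" warning (which display_errors would print to the page).
$userName = $_SESSION['username'] ?? null;
// Always define the heading: the template echoes it unconditionally, so leaving
// it unset for anonymous visitors produced an "undefined variable" warning.
$welcomeMessage = '';
if (isset($userName)) {
    // This is the delete-confirmation page; the heading previously read
    // "Add a Record", left over from the add page.
    $welcomeMessage = "<h3>Delete Record | <a href='index.php'>Home</a></h3>";
}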
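/**
 * Encode a value for output inside HTML text or a quoted HTML attribute.
 *
 * Despite the name this is output encoding for the HTML context only: it does
 * not make a value safe for SQL, shell commands or URLs.
 *
 * The flags are passed explicitly so that single quotes are escaped on every
 * PHP version (the default flag set only includes ENT_QUOTES from PHP 8.1 on),
 * and ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
 *
 * @param string $value Raw text to encode.
 * @return string The trimmed, slash-stripped, HTML-encoded text.
 */
function sanitizeInput($value): string {
    $trimmed = trim($value);
    // stripslashes() is kept for compatibility with existing callers; note that
    // it also removes backslashes that were legitimately part of the input.
    $unslashed = stripslashes($trimmed);

    return htmlspecialchars($unslashed, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}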
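/**
 * Delete the project row(s) owned by the given user and print how many were removed.
 *
 * The user id is bound as a statement parameter instead of being interpolated
 * into the SQL text, so the query shape cannot be altered by the value.
 *
 * @param PDO    $pdo      Open database connection.
 * @param string $userName Login name whose project is deleted.
 * @return void
 */
function deleteProjectRecord(PDO $pdo, string $userName) {
    $userID = getUserID($pdo, $userName);

    // getUserID() returns '' when the user is unknown; do not run a DELETE with
    // an empty key (MySQL would compare the numeric column against 0).
    if ($userID === '') {
        echo "Project record delete status: 0 record(s) deleted.<br>";
        return;
    }

    // Single-quoted on purpose: `user$id` is a literal column name, not a PHP variable.
    $stm = $pdo->prepare('DELETE FROM project WHERE user$id = ?');
    $stm->execute([$userID]);
    $status = $stm->rowCount();

    // The message previously said "insert"/"inserted", copied from the add page.
    echo "Project record delete status: $status record(s) deleted.<br>";
}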
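/**
 * Delete every task that belongs to the given user's project and print the count.
 *
 * The project id is bound as a statement parameter instead of being
 * interpolated into the SQL text.
 *
 * @param PDO    $pdo      Open database connection.
 * @param string $userName Login name whose project tasks are deleted.
 * @return void
 */
function deleteProjectTasks(PDO $pdo, string $userName) {
    $projectID = getProjectID($pdo, $userName);

    // getProjectID() returns '' when no single project is found; skip the DELETE
    // rather than running it with an empty key.
    if ($projectID === '') {
        echo "Task delete status: 0 record(s) deleted.<br>";
        return;
    }

    // Single-quoted on purpose: `project$id` is a literal column name, not a PHP variable.
    $stm = $pdo->prepare('DELETE FROM task WHERE project$id = ?');
    $stm->execute([$projectID]);
    $status = $stm->rowCount();

    // The message previously said "Project Record insert status ... inserted".
    echo "Task delete status: $status record(s) deleted.<br>";
}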
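/**
 * Look up the numeric id of a user by login name.
 *
 * The name is bound as a statement parameter. It was previously interpolated
 * into the SQL string, so a name containing a single quote either broke the
 * query or changed its meaning (SQL injection via the stored session value).
 *
 * Rows are counted after fetching instead of with rowCount(), which PDO does
 * not guarantee for SELECT statements on every driver.
 *
 * @param PDO    $pdo      Open database connection.
 * @param string $userName Login name to search for.
 * @return int|string The user's id, or '' when not exactly one row matches
 *                    (the earlier comment said 0, but the code has always returned '').
 */
function getUserID(PDO $pdo, string $userName){
    $stm = $pdo->prepare('SELECT id FROM users WHERE username = ?');
    $stm->execute([$userName]);
    $rows = $stm->fetchAll(PDO::FETCH_ASSOC);

    // Same contract as before: only an unambiguous single match yields an id.
    if (count($rows) === 1) {
        return (int) $rows[0]['id'];
    }

    return '';
}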
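/**
 * Look up the id of the project owned by the given user.
 *
 * The user id is bound as a statement parameter, and rows are counted after
 * fetching because rowCount() is not reliable for SELECT on every PDO driver.
 *
 * @param PDO    $pdo      Open database connection.
 * @param string $userName Login name of the project owner.
 * @return int|string The project id, or '' when the user is unknown or does not
 *                    own exactly one project (the earlier comment said 0, but
 *                    the code has always returned '').
 */
function getProjectID(PDO $pdo, string $userName){
    $userID = getUserID($pdo, $userName);

    // Unknown user: nothing to look up.
    if ($userID === '') {
        return '';
    }

    // Single-quoted on purpose: `user$id` is a literal column name, not a PHP variable.
    $stm = $pdo->prepare('SELECT id FROM project WHERE user$id = ?');
    $stm->execute([$userID]);
    $rows = $stm->fetchAll(PDO::FETCH_ASSOC);

    if (count($rows) === 1) {
        return (int) $rows[0]['id'];
    }

    return '';
}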
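// Path echoed into the form's action attribute. SCRIPT_NAME is used instead of
// PHP_SELF because PHP_SELF also carries any client-supplied trailing path info;
// the value is still HTML-encoded before output.
$phpScript = sanitizeInput($_SERVER['SCRIPT_NAME']);

// Per-session anti-CSRF token. The delete below is authorised only by the session
// cookie, so without a token any third-party page could submit this form on
// behalf of a signed-in user.
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrfToken = $_SESSION['csrf_token'];

// Notice rendered inside the page body (it was previously echoed before the doctype).
$statusMessage = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Refuse the action for anonymous visitors instead of failing later with a
    // TypeError when a null user name reaches the delete helpers.
    if (!is_string($userName ?? null) || $userName === '') {
        http_response_code(403);
        exit('You must be signed in to delete a project.');
    }

    // Constant-time comparison of the submitted token with the session copy.
    $sentToken = $_POST['csrf_token'] ?? '';
    if (!is_string($sentToken) || !hash_equals($csrfToken, $sentToken)) {
        http_response_code(403);
        exit('Invalid or expired form token. Reload the page and try again.');
    }

    // Strict comparison; a missing or non-string field simply counts as "no".
    $answer = $_POST['answer'] ?? '';

    if ($answer === 'yes') {
        $pdo = null;
        $buffering = false;
        try {
            require_once 'inc.db.php';
            $dsn = 'mysql:host=' . HOST . ';dbname=' . DB;
            $pdo = new PDO($dsn, USER, PWD);
            $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            // Use server-side prepared statements rather than client-side emulation.
            $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

            // The delete helpers echo a status line; buffer and discard it so the
            // redirect header below can still be sent.
            ob_start();
            $buffering = true;

            // Both deletes succeed or fail together. The former sleep(rand(2,3))
            // between them only widened the window in which tasks were gone but
            // the project row still existed, and tied up a worker per request.
            $pdo->beginTransaction();
            deleteProjectTasks($pdo, $userName);
            deleteProjectRecord($pdo, $userName);
            $pdo->commit();

            ob_end_clean();
            $buffering = false;
        } catch (PDOException $e) {
            if ($buffering) {
                ob_end_clean();
            }
            if ($pdo instanceof PDO && $pdo->inTransaction()) {
                $pdo->rollBack();
            }
            // Log the driver message server-side; it can reveal host names, schema
            // details and query text, so it is not shown to the client.
            error_log('deleteRecord.php: ' . $e->getMessage());
            http_response_code(500);
            exit('The project could not be deleted. Please try again later.');
        }
        $pdo = null;

        header("Location: index.php?");
        // Stop here so the confirmation form is not rendered after the redirect.
        exit;
    }

    $statusMessage = "<h6 class='w3-btn w3-green'>Record unchanged</h6>";
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Delete Record | TaskList</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<?php // NOTE(review): third-party stylesheet loaded without Subresource Integrity; self-host it or pin it with an integrity attribute. ?>
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<style>
body{
    background-color: #fcf3cf;
}
footer{
    position:absolute;
    bottom:0;
    left:0;
    width:100%;
    height:70px; /* Height of the footer */
    background-color: #f9e79f;
    color:#515a5a;
}
</style>
</head>
<body class="w3-container w3-margin-left">
<div class="w3-panel">
<header>
<h2>
<?php
// Static markup built by this script (no user data); ?? guards the anonymous case.
echo $welcomeMessage ?? '';
?>
</h2>
</header>
<?php echo $statusMessage; ?>
<form action="<?php echo $phpScript; ?>" method="POST">
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
<br>
<h4>Are you sure you want to delete your project?</h4><br>
<input type="radio" id="yes" name="answer" value="yes">
<label for="yes">Yes, I do</label>&nbsp;
<input type="radio" id="no" name="answer" value="no" checked>
<label for="no">No, I don't</label><br><br><br>
<button type="submit" class="w3-btn w3-red">Delete</button>
</form>
</div>
<footer style="text-align: center"><br>© <?php echo $curYear; ?> Edward Prenzler | <b>TaskList</b> </footer>
<footer id="footer" class="w3-container w3-center w3-text-gray">© <?php echo $curYear; ?> TaskList </footer>
</body>
</html>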